Customers that are intending to implement SiteWALL WAF will have to allow/whitelist the following IP address in their security solution for the service to work efficiently.
Customers should ensure that access is permitted from all IP addresses to their websites/ web applications. Allowing access to only specific IP address may result in a loss of service.
IP addresses:
Q1. Why do I need to whitelist SiteWALL WAF IPs?
A: SiteWALL operates as a reverse proxy, inspecting and filtering traffic before it reaches your web application. To ensure uninterrupted legitimate traffic flow, your origin web application server must trust SiteWALL’s IPs. Whitelisting our IPs prevents your server from mistakenly blocking or rate-limiting secure requests forwarded by the WAF.
Q2. What happens if I don’t whitelist SiteWALL IPs?
A: If SiteWALL IPs are not whitelisted:
Your server may block or throttle legitimate traffic.
Health checks, request forwarding, or authentication flows may fail.
It may lead to false positives in your server logs or other security tools.
Q3. Where do I need to apply the whitelist?
A: Whitelisting should be done at:
Your Firewall, web server or application firewall (e.g., NGINX, Apache, IIS)
Any hosting provider or cloud firewall (e.g., AWS Security Groups, Azure NSGs, Cloudflare, etc.)
Any backend security tools that perform IP-based filtering
Q4. Which IPs do I need to whitelist?
A: The above listed IP addresses should be whitelisted.
Q5. How often do the SiteWALL IPs change?
A: SiteWALL IPs are stable, but we may occasionally (Once in 6 months) update them for scaling or security. You’ll be notified in advance via email or through your client portal.
Q6. Is there a security risk in whitelisting WAF IPs?
A: No. These IPs are controlled and monitored by SiteWALL and only forward sanitized, verified traffic to your server. Whitelisting them is standard practice for WAF protection.
Q7. Can I test before fully whitelisting?